Got it now, as you said.

Using the public CA certs on certificate_file (and related private key), and included the public CA chain on the CA_file (together with my own CA). Still needs more testing (in more enviroments), but seems to be working.

Thanks!


Check the difference of CA_file (containing root CA cert of your internal CA), but set server cert
(including cert chain) inside certificate_file.

(http://lists.freeradius.org/pipermail/freeradius-users/2013-April/065990.html)

Regards,
Mathieu




-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html